From 62e1254ee80bda3e759ebe8e42ade3706fa7e1383b2896875c945f35541dbcc4 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Fri, 13 Oct 2017 08:47:37 +0000
Subject: [PATCH 1/2] nftables-0.8

OBS-URL: https://build.opensuse.org/package/show/security:netfilter/nftables?expand=0&rev=22
---
 nftables-0.7.tar.bz2     |   3 ---
 nftables-0.7.tar.bz2.sig | Bin 543 -> 0 bytes
 nftables-0.8.tar.bz2     |   3 +++
 nftables-0.8.tar.bz2.sig | Bin 0 -> 543 bytes
 nftables.changes         |  33 +++++++++++++++++++++++++++++++++
 nftables.spec            |   6 +++---
 6 files changed, 39 insertions(+), 6 deletions(-)
 delete mode 100644 nftables-0.7.tar.bz2
 delete mode 100644 nftables-0.7.tar.bz2.sig
 create mode 100644 nftables-0.8.tar.bz2
 create mode 100644 nftables-0.8.tar.bz2.sig

diff --git a/nftables-0.7.tar.bz2 b/nftables-0.7.tar.bz2
deleted file mode 100644
index 50f1247..0000000
--- a/nftables-0.7.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:fe639239d801ce5890397f6f4391c58a934bfc27d8b7d5ef922692de5ec4ed43
-size 451728
diff --git a/nftables-0.7.tar.bz2.sig b/nftables-0.7.tar.bz2.sig
deleted file mode 100644
index f1c7e3473c68c2a0c9a7d1e91a521fc3392f01075d21f5de6c1d503b0b7117cd..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 543
zcmV+)0^t3L0vrSY0RjL91p-)Ej<^5{2@tDBRiP%*lH^Kg5B??S7&}ACY46dn_%Tsw
zq3!3hEa&7w=t61S&X#MpT$t6)x2D!CsDA*qTz&^=Vm4r~a*%gdZfobccQ1Uw?~XL5
z?B)NHO2$wqo(qogwuuGg;se(t`ImncJ$9roI8N@xI*wg+vuq_OKi-U`!*bvb$gdn7
z*MO#v2ZB}_+b0_K+g3dO*U6@*rgTs{3+VF%CQ3YCBN+Hxj#Itk18p8u#!P(-rlQ7{
zNX7PzAVcUejy%W<WHF?LzJe6tI)?H8J_;sjps)qHt@KppX_KmHl5?JTUUy#hgKm!u
zOe%uKscNVmHo)~4`R9(HWzfl1wCOI3#w=VEaI)Y3anq+4;$e<9a6n>Hehe5hHmqj`
zt*(;Kv7^puWOCd@{3R5Z&gXH9OVdaT)mZQ66ELe5PzG@4{mnkEW~9>`UU`EvjUoYk
zN5lovfDF+}?oPsk1&`({bs{mX1J+3H<pR|a#Xg{PJ^E-Y3bQ{1IT&|$=WUvuhZE;x
zE#(+!Cnl0L@x{b)xNy}=uH{9da|o*kuyXYhiBF%^rB-j<o?=*$K-&!z9O2#fD`SI~
zyf!r-*USf)Kf)nZt5OHPBCY%k8EtQgQr&|!0Nw8b^m{j<!Pn5BGN(gcA4yZ(p&WId
hvMy^o_L3{!N74>OeJp)LyrJ;Q48cc-W9uD0WeQjW1Tp{s

diff --git a/nftables-0.8.tar.bz2 b/nftables-0.8.tar.bz2
new file mode 100644
index 0000000..0684248
--- /dev/null
+++ b/nftables-0.8.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3f5b88e7b163bb46aa39e89419686b98f9316606a05865c3856dc68e414f389a
+size 552345
diff --git a/nftables-0.8.tar.bz2.sig b/nftables-0.8.tar.bz2.sig
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..c044aa5d13c683255a7cd6bf83fa716fe8e97ff4cc32ca8c6a13e05cba68e006
GIT binary patch
literal 543
zcmV+)0^t3L0vrSY0RjL91p-;${qq0{2@tDBRiP%*lH?ro5B@Xr3Mkz^Hg1N3+H}#f
zN1LHY$;DT-<T7s&0hLnd67YV&-dzLq4A^N$uOt%c(GI^=+VnR8>=()nKz4C%fnJX5
z2y8i)l~=p9d-+G|e66S@G(L*f-Q4t(%POlrd6Xs&Z~ajtstCPZsRiV@Jl#2WYw0hF
zZn}4Z8HGc19hwZVxi0;FV^hAm9B7rN(tXRz5HT=e%D-}_JsXUMXkYoMtcp9JkOWn*
zZ8t-4Knx;@iDjMy*fkYer20ldDOnq`Z!G&mh`Jo8tb+S~;~wgORn!jr9NBWlz-=gG
zIhSIXm?ng^&NXq-TOx8Kw{a2R8opO|yr#ro3<9q?2|Xp$ORR-&v!S@<;ft;Uz?Q{=
znk)E!G;G<GHH5mow_Z_*9Iw-+fZ62LeSy9%)?KpEyeD(9$4F`T9gxS^S*Uz3owAMC
zWA0u4;Ajt^C{J<n--JZq=iZr*#CJ7*Q3b$eVQcHjM$<)S{2SiPaIP-NKdoIf7wl_=
zvwU*ABdgL8d-Dh$wCuNk$Wt23+MnWIPnD<CsT0Cf@PYhmXQVcg&Cxh4jrXJnxPJiI
z_m@_REFjmsx_RW}mo-bfxhpp3?a(HmQazM%K{uM`cokj1cSBL`uAXjhcO$BwqBvu^
h8bzA*Y4MnAycbJabL%)UNj2q!&3&;>66}n|)RQZQ4;TOd

literal 0
HcmV?d00001

diff --git a/nftables.changes b/nftables.changes
index b3140a9..9569af8 100644
--- a/nftables.changes
+++ b/nftables.changes
@@ -1,3 +1,36 @@
+-------------------------------------------------------------------
+Fri Oct 13 08:39:41 UTC 2017 - jengelh@inai.de
+
+- Update to new upstream release 0.8
+  * This release contains new features available up to the
+    (upcoming) Linux 4.14 kernel release:
+  * Support for stateful objects, these objects are uniquely
+    identified by a user-defined name, you can refer to them from
+    rules, and there is a well established interface to operate
+    with them.
+  * Sort set elements when listing them, from lower to largest.
+  * TCP option matching and mangling support. This includes TCP
+    maximum segment size mangling.
+  * Add new "-s" option for listings without stateful information.
+  * Add new -c/--check option for nft, to tests if your ruleset
+    loads fine, into the kernel, this is a dry run mode.
+  * Connection tracking helper support.
+  * Add --echo option, to print the handle that the kernel
+    allocates to uniquely identify rules.
+  * Conntrack zone support
+  * Symmetric hash support
+  * Add support to include directories from nft natives scripts,
+    files are loaded in alphanumerical order.
+  * Allow to check if IPv6 extension header or TCP option exists
+    or is missing.
+  * Extend quota support to display used bytes.
+  * Add ct average matching, to match average bytes per packet a
+    connection has transferred so far, to map the existing
+    feature available in the iptables connbytes match.
+  * Allow to flush maps and flow tables.
+  * Allow to embed set definition into an existing set.
+  * Conntrack event filtering support via rule.
+
 -------------------------------------------------------------------
 Tue Dec 20 22:35:41 UTC 2016 - jengelh@inai.de
 
diff --git a/nftables.spec b/nftables.spec
index 4022578..f1e8f15 100644
--- a/nftables.spec
+++ b/nftables.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package nftables
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,14 +17,14 @@
 
 
 Name:           nftables
-Version:        0.7
+Version:        0.8
 Release:        0
 Summary:        Userspace utility to access the nf_tables packet filter
 License:        GPL-2.0
 Group:          Productivity/Networking/Security
 Url:            http://netfilter.org/projects/nftables/
-#Git-Clone:	git://git.netfilter.org/nftables
 
+#Git-Clone:	git://git.netfilter.org/nftables
 Source:         http://ftp.netfilter.org/pub/nftables/nftables-%version.tar.bz2
 Source2:        http://ftp.netfilter.org/pub/nftables/nftables-%version.tar.bz2.sig
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build

From 105f2b98b76aedb3fa13190fa3451be28b0d4943594fca15ba755a158201c0a6 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Sat, 14 Oct 2017 17:55:57 +0000
Subject: [PATCH 2/2] OBS-URL:
 https://build.opensuse.org/package/show/security:netfilter/nftables?expand=0&rev=23

---
 nftables.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nftables.spec b/nftables.spec
index f1e8f15..037f2f0 100644
--- a/nftables.spec
+++ b/nftables.spec
@@ -37,7 +37,7 @@ BuildRequires:  pkgconfig >= 0.21
 BuildRequires:  readline-devel
 BuildRequires:  xsltproc
 BuildRequires:  pkgconfig(libmnl) >= 1.0.3
-BuildRequires:  pkgconfig(libnftnl) >= 1.0.7
+BuildRequires:  pkgconfig(libnftnl) >= 1.0.8
 BuildRequires:  pkgconfig(xtables) >= 1.6.0
 Obsoletes:      nftables-plus < %version-%release
 Provides:       nftables-plus = %version-%release